This Week in Technology

A series of spear-phishing attacks using fake emails with malicious attachments attempts to deliver a new family of malware, which researchers at Palo Alto Networks have identified and dubbed BabyShark. The campaign started in November and remained active at least into the new year.

A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user.

McAfee pointed in particular to surging detections of mobile backdoor threats like TimpDoor – malware now twice as prevalent as its closest competitor – along with a sharp spike in the number of “fake” apps it noted towards the end of 2018, including trojans.

While it's easy to focus on the sensational subject of malware, the truth is that mobile malware infections are incredibly uncommon in the real world — with your odds of being infected significantly less than your odds of being struck by lightning, according to one estimate. The more realistic mobile security hazards lie in some easily overlooked areas, all of which are only expected to become more pressing as we make our way through 2019.

The CyberArk Privileged Access Security Solution is the industry’s most comprehensive solution for protecting against the exploitation of privileged accounts, credentials and secrets anywhere – across on-premises, cloud and DevOps environments, and on the endpoint. CyberArk helps eliminate the most advanced cyber threats by identifying existing credentials across networks, locking them down, and leveraging continuous monitoring to detect and isolate anomalous behavior to stop attacks early on.

NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, code execution, or information disclosure.

On Tuesday, researchers at the security firm Eclypsium published the results of an experiment in which they showed that they could, for a certain class of cloud computing servers, pull off an insidious trick: They can rent a server from a cloud computing provider—they focused on IBM in their testing—and alter its firmware, hiding changes to its code that live on even after they stop renting it and another customer rents the same machine.

Attackers are increasingly logging in using weak, stolen, or otherwise compromised credentials. Centrify’s survey underscores how the majority of organizations’ IT departments have room for improvement when it comes to protecting privileged access credentials, which are the ‘keys to the kingdom.’

A third party illegally gained access to several employee email accounts. As many as 326,000 patients were potentially affected by the attack, according to local news station WFSB. UConn Health discovered the email accounts were attacked on Dec. 24, 2018. The email accounts contained names, dates of birth, addresses and limited medical information, such as billing and appointment information. Of the patients affected, 1,500 also have their Social Security number at risk.

The vulnerability allows any attacker with any browser to execute code of their choice via the web interface used for managing Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. The networking giant has assigned the bug, tagged as CVE-2019-1663, with a severity score of 9.8 out of a possible 10 under the Common Vulnerability Scoring System (CVSS).

Generally focused on smartphones, the hackers have now expanded their horizons with the launch of Farseer. The malware is spread through phishing campaigns and malicious .PDF files which employ social engineering tactics through the copy-and-paste of news articles sourced through a Myanmar website.

EVP and enterprise products GM Art Gilliland said the ICD Exchange standardized APIs, making it possible for technology partners to develop and deliver value to customers faster. With the ICD Exchange, Gilliland said, products and systems from different vendors end up using the same language to understand what's happening in an environment.